Download

Use the links below to download a distribution of Apache Ivy from one of our mirrors. It is good practice to verify the integrity of the distribution files, especially if you are using one of our mirror sites. To do this you must use the signatures from our main distribution directory.

Apache Ivy is distributed as zip and tar.gz archives - the contents are the same. Please note that the tar.gz archives contain file names longer than 100 characters and have been created using GNU tar extensions. Thus they must be untarred with a GNU compatible version of tar.

Select mirror

You are currently using [preferred]. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.

Other mirrors:
To get information about the different kind of distributions, see that page.

Building from source

Then to build Apache Ivy from source, assuming you have Apache Ant 1.6.2+ and a jdk 1.5+ installed, then you only need to run the following command:

ant jar

Then you will find ivy.jar in build/artifact.

Snapshot build

The Apache Software Foundation hosts an installation of the Jenkins CI-system where a continuous build of Ivy is available. Note that these are not official builds and they are not endorsed or even supported by the Apache Ivy team. But if you have problems with testing the latest (successful) build, you are welcome to post that on the mailinglist.

It is essential that you verify the integrity of the downloaded files using the PGP signature or the SHA1 or MD5 checksums. The checksums are not as strong indicators as the PGP signature.

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using

% pgpk -a KEYS% pgpv apache-ivy-2.4.0-bin.tar.gz.asc

or

% pgp -ka KEYS% pgp apache-ivy-2.4.0-bin.tar.gz.asc

or

% gpg --import KEYS% gpg --verify apache-ivy-2.4.0-bin.tar.gz.asc

Alternatively, you can verify the checksums on the files. Unix programs called md5/sha1 or md5sum/sha1sum are included in many unix distributions. *sum is also available as part of GNU Textutils. Windows users can get binary md5 programs from here, here. fsum supports MD5 and SHA1.